this post was submitted on 05 Jul 2026
18 points (84.6% liked)

Selfhosted

60507 readers
858 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

I'm a software developer working in the telecam sector on security related products, so I know a fair bit about system security. Yet I wound secure my own system far less than most people here if I didn't enjoy cybersecurity as a hobby.

I wonder what you are securing against? Some examples:

  • jellyfin: unless you have home videos on there, what does it matter if someone exfiltrates some movies? Surely you have basic DOS protection and/or region locking to reduce wasted network traffic, right?
  • linux: I assume nobody is using their servers as daily drive PCs, so what does it matter if somehow your system is superficially compromised. You can always reimage. Sure they could mine some bitcoin with your system, but it doesn't have that much PSU headroom to cost you much on your bills, right?

It just seems like most attack vectors lead to mild annoyance at most for most systems.

Do you guys just enjoy cybersecurity? Do you actually keep sensitive data on your self hosted systems? Do you self-host on expensive hardware? What am I missing?

you are viewing a single comment's thread
view the rest of the comments
[–] tangeli@piefed.social 3 points 2 days ago

The biggest threats I am concerned with are:

  • my liability and harm to my reputation resulting from unauthorized abuse of my systems
  • consumption of my limited Internet access bandwidth and capacity
  • corruption or loss of my systems and data
  • theft and sale or other abuse of my private data

The first results mostly from the risk of my systems being incorporated into bot nets.

The second from bot nets and abusive crawlers.

The latter results mostly from ransom ware or open ended theft and exploitation of my data.

The threats are not all from the Internet. I saw an article recently about 'smart' TVs that are configured to be part of a web scraping infrastructure that the vendors sell as a service, in some cases configured to use up to 200GB per month of bandwidth.